Reference no: EM132704126
Question 1: What is the purpose of using a firewall in our network? Give an example of how a firewall works. Explain the strengths and weaknesses of a firewall. State a situation in which you feel that the firewall is adequate and one in which it might be inadequate.
Question 2: On August 15, 2020, the world's largest cruise line operator, Carnival Corporation, reported a data breach due to a ransomware attack that breached and encrypted the IT infrastructure of one of its brands. Following the attack, the cruise line operator notified law enforcement, hired legal counsel and cyber security experts, and launched an investigation. As a part of the investigation team, your job is to create an IT disaster recovery plan for an organization. What are the main points you need to address? Give an example. What do you mean by the ethics of online investigations? Do you feel these investigations are an invasion of privacy? Why or why not? Explain.
Question 3
Suppose Alice and Bob are sending packets to each other over a 5G communication network. Suppose Trudy positions herself in the network so that she can capture all the packets sent by Alice and send whatever she wants to Bob; she can also capture all the packets sent by Bob and send whatever she wants to Alice.
(a) List some of the malicious things Trudy can do from this position.
(b) List some activities Alice and Bob can do to inspect network traffic and accept or reject packets from their IP address.
(c) Recommend some precautions, in terms of network management, that Alice and Bob could take to trace whether Trudy is in the middle or not.
Question 4
Name five recent viruses and five anti-virus software products. In a web browser, what kind of information do cookies store? Do you think these cookies can invade privacy? Explain why or why not.
Question 5
Amazon Web Services (AWS) reports that in February 2020, they defended against a 2.3-terabit-per-second (Tbps) distributed denial of service (DDoS) attack. As a cyber security engineer, name some tools (hardware/software) you would recommend for analyzing the attack vector. Briefly explain how you can use security engineering tools (use-case diagram and matrix) in analyzing this DDoS attack. Explain how you might have defended against that specific attack.
Question 6
What is meant by the Simple Network Management Protocol (SNMP)? As a part of network error management, can you filter packets captured by software (e.g. Wireshark) and HTTP request method? Briefly explain the two figures below in terms of network error management:
Question 7
In this COVID-19 global pandemic, active phishing campaigns have surfaced, some with a keylogger automatically installed through an email attachment. Name some good and some bad uses of a keylogger. How does a keylogger behave with respect to network and data security? Does antispyware software detect a keylogger? Explain.
Question 8
In order to generate a trace of IP datagrams, we can use the traceroute program to send datagrams of different sizes towards some destination, X. Briefly explain the steps in capturing packets from an execution of traceroute.
Given the following ICMP Echo Request (Figure 4.1 shown below, pkt size = 2000, second fragment), identify the following:
• What is the IP address of the computer?
• Within the IP packet header, what is the value in the upper layer protocol field?
• How many bytes are in the IP header? How many bytes are in the payload of the IP datagram?
• Has this IP datagram been fragmented?
• Which fields in the IP datagram always change and which fields stay constant? Describe the pattern you see in the values in the Identification field of the IP datagram.
Question 9
What is cyber terrorism? Name and explain two major kinds of damage that can be caused by a cyber attack.
"The Internet is a valuable investigative resource." Explain this statement from a cyber-detective's point of view.
Question 10
Consider that Host A is sending Host B a large file over a TCP connection. Assume Host B has no data to send Host A. Host B will not send acknowledgments to Host A because Host B cannot piggyback the acknowledgments on data. If it is true and Host A is transferring an enormous file of L bytes to Host B (assume an MSS of 536 bytes), what is the maximum value of L such that TCP sequence numbers are not exhausted? Recall that the TCP sequence number field has 4 bytes. Also, find how long it takes to transmit the file. Assume that a total of 66 bytes of transport, network, and data-link header are added to each segment before the resulting packet is sent out over a 155 Mbps link. Ignore flow control and congestion control so A can pump out the segments back to back and continuously.
Given the following TCP trace (Figure 3.1 shown below), answer the following questions:
• What is the length of each of the first six TCP segments?
• What is the minimum amount of available buffer space advertised at the receiver for the entire trace?
• Are there any retransmitted segments in the trace file? What did you check for (in the trace) in order to answer this question?
• What is the throughput (bytes transferred per unit time) for the TCP connection? Explain how you calculated this value.
Attachment:- Cyber Security.rar